CMPUT 333, Assignment 1, Fall 2016

(weak encryption, cipher modes, weak passwords)

Weak Encryption & Cipher Modes (75%)

Part 1 (25%)

You are given an encrypted file (ciphertext1). You know that the plaintext that was encrypted was a text file and that it was encrypted using a variation of the Vigenﻡ؛­ﻡ؛∞ﻗ┤ﻸﻡ؛­ﻡ؛∞ﻗ½½re cipher. The key can be a combination of any printable ASCII characters. The way the encryption takes place between a single plaintext byte, p, and a single key byte, k, to produce a single ciphertext byte, c, can be summarized as follows: First we split the key byte into the lower 4 bits (kl) and the higher 4 bits (kh). We split the plaintext byte to its lower 4 bits (pl) and the higher 4 bits (ph). Likewise, we will generate the resulting ciphertext from two parts, the lower 4 bits (cl) and the higher 4 bits (ch).

ch <- map[ph][kl]
cl <- map[pl][kh]

where:

map[16][16] = {
   {0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe}, 
   {0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0}, 
   {0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7}, 
   {0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa},  
   {0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4},      
   {0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3},     
   {0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1}, 
   {0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf}, 
   {0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2),                             
   {0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5},                             
   {0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb},                             
   {0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6},                              
   {0x9, 0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8},                              
   {0xd, 0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9},                              
   {0xc, 0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd},                              
   {0xe, 0xf, 0x7, 0x6, 0x4, 0x5, 0x1, 0x0, 0x2, 0x3, 0xb, 0xa, 0x8, 0x9, 0xd, 0xc} 
};

Your tasks are to:

Part 2 (25%)

You are given another encrypted file (ciphertext2) encrypted using the same scheme as before but using longer key than the first one. You know that the plaintext file is not a regular text file, but some other commonly used file format.

Your tasks are to:

In your answers make sure to comment on the benefits of known (partial) plaintext. Identify the points where the known plaintext structure helps you in the process of decrypting the ciphertext and recovering the key.

Part 3 (25%)

In this part of the assignment you will experiment with the various cipher modes of DES. You should review the definition of ECB, CBC, CFB, and OFB modes of operation from the textbook.

Note that explanation is not the same as observation. In responding to all the questions, you must refer back to the precise aspect of the ECB, CBC, CFB or OFB mode operation that caused the behavior you observed.

Password Cracking (25%) [Sliding Part]

Each group will be provided separate password hashes files from Unix/Linux and Windows/LANMAN.

In the interest of fairness, the release of the passwords will take place at a specific time and date, which will be pre-announced in class and/or via eclass.

Deliverables

Only one of the group members need to submit on behalf of the entire group (in the event of more than one submission, the last one will be considered). The sliding part (and the sliding part only) can be submitted at any point in time prior to the deadline for the (non-sliding) part of Assignment 2. Your submission must include a report file (in .pdf format) which includes answers to the questions and should cite any resources that you used to answer the questions. It is assumed that all group members equally contribute to the assignment but you have to provide a paragraph in your report which explains how you split the workload. If you need to deviate from this model ("all equally contributing") of cooperation, explain why and indicate who/what was responsible for what.

[Optional: add a single paragraph at the end of the report indicating whether you found any difficulties with this assignment and if you think there are ways in which it could be improved. In particular, we are interested to know if the assignment forced you to learn something new that you did not know of before, and how much effort it took you. Was the workload reasonable?]